1. Field of the Invention
The present application relates to cryptography operations. More specifically, the present application relates to methods and apparatus for efficiently performing authentication operations on a block in a record as soon as the block is decrypted.
2. Background Art
Many secure communications protocols, for example Secure Sockets Layer (SSL) and Transport Layer Security (TLS), specify that data be both encrypted for data privacy and authenticated for integrity and source verification. Conventional software and hardware designs for performing decryption and authentication operations are inefficient. One technique for performing authentication and decryption entails using software techniques to receive a record and decrypt the entire record. Upon decrypting the entire record, authentication operations are then performed on each of the decrypted blocks in the record. However, many inefficiencies are introduced by having to read and process the same data multiple times. Many firmware and hardware techniques share similar inefficiencies.
Software, firmware and hardware techniques for performing decryption and authentication operations, such as DES, RC4, AES, MD5 and SHA1 operations used in secured sessions have been inefficient and resource intensive. Secured sessions, authentication operations, and decryption algorithms are described in Applied Cryptography, Bruce Schneier, John Wiley & Sons, Inc. (ISBN 0471128457), NIST Federal Information Processing Standard FIDS-197 (AES), Internet Engineering Task Force (IETF) Request for Comments Standard RFC2246 (TLS), and SSL and TLS: Designing and Building Secure Systems, by Eric Rescorla (ISBN 0201615983), the entireties of which are incorporated by reference for all purposes.
It is therefore desirable to provide methods and apparatus for improving decryption and authentication processing with respect to some or all of the performance limitations noted above.